If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

ATTENTION: Windows 10 users

Beta 2 build is now available!

If you just upgraded to Windows 10 or running build 10240 or greater of Win 10 pre-release you will need to download and install the new version of ZoneAlarm 14.0.157.000

Can't access internet anymore with Zonealarm Pro enabled

For no known reason, I cannot load any internet page without disabling Zonealarm Pro 6.5.
I&quot;ve had the program for almost a year (license expires now in 23 days.
Not a good way to say we'd like you to renew).
I'm running WinXP SPII.
I run Webroot Spysweeper and Trend Micro Anti-Virus simultaneously.
Zonealarm was the culprit.
I go to the Overview Tab of Zonealarm and see the lock unlocked and 3 programs running: IE; TMproxy.exe; and Generic Host Processes for Win 32 services.
I've looked through some of the other threads on this site and have run the cmd command to get the DHCP and DNS IP settings.
Typed them in and labeled them as trusted in the Firewall Zone.
I also have (always has been there, too) New Network which lists an IP address and a site address, also in the trusted zone; and then loopback adapter, again in the trusted zone.
I've gone through program control and all but approved everything that has an X, and noted in one of the other threads about Generic Host processes, so that has been totally given the green check mark across the board.
Still cannot load a page, without disabling Zone Alarm.
Help.
(Remember, I'm not exactly a guru, so keep any advice pretty easy to follow).
I have printed the uninstall directions, I'm just hoping for an easier result.
Dave

Re: Can't access internet anymore with Zonealarm Pro enabled

<blockquote><hr>dridge wrote:
... and noted in one of the other threads about Generic Host processes, so that has been totally given the green check mark across the board.</blockquote>

Hi:
It's not recommended to have green checkmarks &quot;across the board&quot; on Generic Host Service. Do not grant Internet Server permission. i.e., use only 3 green checkmarks: one each in &quot;access&quot; trusted and &quot;access&quot; internet, and one in &quot;trusted&quot; server. Internet server on that line should be ? or a Red X. Likewise &quot;send mail&quot; can be Red X or ?. It's very rare for any program to need internet server permission, and actually dangerous in most cases since it opens a port for that program.

You must be using a router, since you mentioned &quot;loopback adapter.&quot; What browser are you using, and have you made any recent changes/updates if any? Sounds like you've checked the ZA program control to be sure the browser has the proper permissions.

You also stated that in your ZA Firewall control page: &quot;New Network which lists an IP address and a site address, also in the trusted zone; and then loopback adapter, again in the trusted zone.&quot; Is this New Network the number of your router, which was automatically identified by ZA at initial setup? What throws me is when you state &quot;and a site address&quot;. Normally if you look at those settings when disconnected from the internet, the actual network does not show up unless connected. Only manually added entries remain in the list to be seen when disconnected. Most people won't normally need a &quot;site address&quot; for common activities, so I'm unclear on that. Do you mean that you manually added a site address in addition to the Net Network (i.e, your connection) as a separate entry? I don't think you meant that your &quot;New Network&quot; shows an IP address and a named site. I may have gotten confused by the way you grouped those together above. Remember that any &quot;site address&quot; or IP added to trusted zone is a site or PC that you are willing to share your files, printers, etc. with; i.e., you welcome them as part of your LAN with as much trust as a second computer in your own home.

It could be that your database has become &quot;corrupt&quot;. You can reset your database, which will take ZA back to similar to a new installation. You will lose all security settings and custom settings and will have to let ZA reconfigure them plus your own customizing. If you have backed up your ZA settings occasionally to a file you can just do a &quot;restore&quot; from the ZA Control Panel, under Overview | Preferences. But since most people don't do that periodically, a complete reset may be necessary. I try to do a backup of my ZA settings about every week or two. It's just a simple click to backup and restore.

In any case, here's how you do a full database reset if you want to do that:

Reboot into Safe Mode. Go to C:\windows\internet logs folder and delete these two files:
BACKUP.RDB and IAMDB.RDB. Then empty the Recycle Bin. These files will be re-created when you restart your computer in normal mode. Reboot into normal mode. Now your ZA will be &quot;virgin&quot;, ready for your manipulation, so to speak. When you connect to the internet, ZA will identify your network as a &quot;new&quot; network and ask you if you want it in the trusted or internet zone, etc. Be aware that doing a reset like this does not automatically place the loopback adapter back into the trusted zone. When you look at the ZA Firewall page in the Control Panel, loopback adapter will no longer be listed, and you'll have to manually add its IP (127.0.0.1) into the trusted zone and name it. ZA will add programs to the Program List as they are run and will auto-configure them if you have &quot;Smart Defense Advisor&quot; set to Auto, or you can use &quot;manual&quot; and customize the program permissions according to your needs.

Re: Can't access internet anymore with Zonealarm Pro enabled

Thanks for the feedback.
Let me go ahead and answer some of your questions before I proceed.
I did go back and block access on the Generic Host Service
Yes on using the router.
I'm using IE, version 6, typical automatic update, but I have not updated to IE7.
I have IE green check-marked across the board as well (good or bad?).
On the &quot;New Network&quot; listed in ZA Zone: it has the numbers for an IP address, which I would assume is to the router.
Then for site, it has numbers as well, 255.255. type of address.
I would assume these numbers were identified when I installed the software.
Until I read some of the information on some of the threads about entering the DNS and DHCP numbers, I've never entered anything manually.
I do have a second computer in the house as part of the wireless network, which was an older computer, and required installation of new hardware.
I do have files/printers set to be shared b/w the two computers.
I have not done anything fancy at all with the software, other than once in awhile I've had to disable pop-up ads.
Pretty much it's installed as another part of providing security, so resetting it back to default settings/letting ZA reconfigure again is not an issue.
Didn't know you could do some back-up of stuff.
If any of the info above would suggest I do something different than your initial recommendation, then let me know.
Otherwise, I'll reset.
I imagine it's the same as uninstall without all the headache of waiting?
Thanks,
Dave

Re: Can't access internet anymore with Zonealarm Pro enabled

Re: Can't access internet anymore with Zonealarm Pro enabled

<blockquote><hr>dridge wrote:
I have IE green check-marked across the board as well (good or bad?).On the &quot;New Network&quot; listed in ZA Zone: it has the numbers for an IP address, which I would assume is to the router. Then for site, it has numbers as well, 255.255. type of address. I would assume these numbers were identified when I installed the software.</blockquote>

It's BAD to have green checkmarks for anything &quot;across the board&quot;. There are very few programs that require any server rights at all. Nearly all programs that require internet access, like browsers, will only need 2 checkmarks. One under &quot;access&quot; trusted and &quot;access&quot; internet; then either ?'s (ask) or Red X's (blocked) in &quot;server&quot; trusted and &quot;server&quot; internet as well as &quot;send mail&quot;. Email programs will of course need &quot;send mail&quot;. Generic Host is one exception that for many people will require a green checkmark in &quot;trusted&quot; server, but NOT &quot;internet&quot; server. Scroll down your list and make sure you haven't granted other programs server rights, especially in the internet zone; this opens ports and makes them accessible from outside your LAN.

OK, I see what you mean by &quot;site address&quot;. What you are seeing there is not really a site address, that's just the column title. That second set of numbers is your subnet IP address. In that ZA Firewall control panel the column says &quot;IP address/site&quot; which means the column can be used for either an IP address or an entered named site. But your IP address/subnet address is an IP range. So it should show up like xxx.xxx.xxx.xxx/255.255.xxx.xxx, which is correct. These numbers are recognized by ZA as a &quot;new network&quot; when you first ran ZA. Once you reset your database and connect to internet again, it will re-recognize those numbers, tell you it has found a private network, and ask you if you want them in the trusted or internet zone. Select &quot;trusted&quot;, and it will even allow you to name it if you want. If I were you, I'd name it something like &quot;John's network&quot; or &quot;home network&quot; or whatever you like. This makes it easier to tell someday if ZA suddenly found another &quot;new network&quot;.

If your DNS server and DHCP server IP numbers fall within the range of your network IP and subrange number, then you won't have to manually enter them into ZA; they will already be included by that long number under your &quot;new network&quot;. Just be sure &quot;new network&quot; or whatever you name it is in the trusted zone. If it were to end up in the internet zone, you can change it at that same ZA interface by left-clicking it over it while in the &quot;zone&quot; column and choosing &quot;trusted&quot; (you have to have an active internet connection for it to show up in the ZA control panel). I assume you know how to find and check all those IP numbers from other posts? If all of them are very similar to your router IP, then they are likely already included in the range as determined by your subnet and won't have to be entered.

I agree in your case it might be best to do the database reset and start from scratch. Once you get things configured like you like, do a &quot;backup settings&quot; occasionally , and then the next time you want to do a reset, you can just restore those settings.

Re: Can't access internet anymore with Zonealarm Pro enabled

<blockquote><hr>dridge wrote:
...by the way, what is this TmProxy? Putting the cursor on it says &quot;listening to ports&quot;
<hr></blockquote>

Hi:
I don't use TrendMicro, so I can't answer your question specifically, and hopefully someone else using that product can comment. However, that bothers me seeing that there. Have you granted internet server rights to that program? Look in your program control list. I would think that there would be no need, and even danger, in allowing that. But again, I don't use that program or know anything about it, I'm merely talking about server rights in general. Since you told me you had Generic Host and IE both with checkmarks &quot;across the board&quot;, I wouldn't be surprised if you have too many checkmarks for your TrendMicro, too. Unless, of course, it's supposed to set up some kind of server program to function, and I can't imagine any program like that needing internet server permission. Any TrendMicro AV users out there who can comment and help this gentleman?

The first thing I'd do is be sure it is a legit copy of a TrendMicro file. Do a search and find it's location and check it's properties. Be sure it is in a correct TrendMicro folder.

Look at the Program Control list of your ZA control panel. If your TMproxy program has a checkmark under internet Server column (i.e., the next to last column). If there's one there, I'd consider changing that to ? and see what happens; if it really needs it, ZA will then ask (prompt) you for it. If it were me, I wouldn't want any programs to have Internet server rights. and for most people, Generic Host is the only program that will even need TRUSTED server rights. As far as other programs that will need internet ACCESS, very few will...mainly browsers, some financial software that updates or accesses online accounts, other programs that do updates online, etc. But none of those will need any server rights. This is all moot if you're going to do the database reset. But once reset, I wouldn't give anything server rights, but Generic Host, and even that one ONLY in the TRUSTED server column. In the meantime, maybe some TrendMicro user on here can chime in on the settings for TMproxy, but my gut instinct is that you may have granted it internet server rights that it shouldn't have. But then again, I have never used that product and not familiar with it.

You also said an IE icon is showing up as well as icons for TMproxy and Generic Host in the top right corner of your ZA Control Panel. IE should not be showing up unless you have the browser open. If your brower is closed and IE is showing up in that same place on ZA panel, that would be worrisome; you need to be sure you have not given IE internet server rights as well. If you place a cursor over IE icon, does it also say &quot;listening to ports?&quot; or does it just say &quot;Internet Explorer&quot;? IE does not need any server rights. It only needs 2 green checkmarks, one in trusted ACCESS and another in internet ACCESS. The two columns for server rights should be ? or X.

Re: Can't access internet anymore with Zonealarm Pro enabled

Disable the SpySweeper from the startup with Windows and reboot.Is there an internet connection now?
Disable the TrendMicro Antivirus from the startup with Windows and reboot. Is there an internet connection now?

The SpySweeper can be blocking something from startup in it's shields. This could be the problem.

The TrendMicro has no firewall component used? There are two types of TrendMicro Antiviruses- one with a firewall and one without a firewall. If yours has a firewall included, please be sure to turn that firewall off and use the ZAPro firewall only.

Also check the Windows and make sure the Windows Firewall is completely off- go into Services ( Control Panel > Administrative Tools > Services ) and disable the Windows Firewall.

Re: Can't access internet anymore with Zonealarm Pro enabled

Hey I appreciate the help from the two of you.
I went through ZA tonight and put a question mark under all but outlook under the Server column, trusted and internet.
Loaded up IE---nothing.
I will get green bars about 3/4 across, and that's it.
I disabled from start-up Trend Micro; Webroot Spysweeper (I had actually already done that which was how I discovered it was ZA stopping the connection, but I'm up for trying anything twice--especially after going back in and putting question marks in instead of check marks across the board on some programs).
Anyway, after disabling one, rebooting (I had ZA auto-loading at this point), I would get the same result.
It comes down to somehow, for some reason, ZA is blocking me out.

Oldsod, Trendmicro is just straight anti-virus and Windows firewall is/has always been disabled once I installed ZA.
I used to have Norton Internet Security, (part of the package for an HP), but that would always come up and say something was wrong and I was supposed to uninstall/re-install.
So I uninstalled it and got ZA due to excellent/high reviews.
Got to say I'm glad I got on this message board.
I'm learning a lot from the two of you.
So, what's next?
Should I go for the complete uninstall/reinstall, or go for the restore?

Re: Can't access internet anymore with Zonealarm Pro enabled

<blockquote><hr>dridge wrote:
&gt;So, what's next? Should I go for the complete uninstall/reinstall, or go for the restore?
<hr></blockquote>

You said you put ? under everything but Outlook. That is not correct for some programs. Especially Generic Host Service which needs a green checkmark in trusted access, internet access, and trusted server, but NOT trusted internet or send mail.

I don't think you're understanding that you and most other people probably have no program that needs Internet server rights in the Program List; that is dangerous. You said you gave checkmarks to Outlook all the way across, which is a no-no. It should only have these green checkmarks: one for trusted ACCESS and one for Internet Access, but only ? or X under trusted Server or Internet Server. Since you use it to send email I assume, you will need a green checkmark under &quot;send mail&quot;.

Well, a reset of the database would clean out your Program Control List and security settings and let you start anew configuring your ZA, and you could indeed try that before re-installing; you've played around with the Program Control LIst so much now it's hard to visualize just exactly how you have it. And things are getting so confusing now and some of your installation may have been affected by your other antimalware, that I'll tell you what I would do and that's to disconnect from the Internet (unplug the cable) and do a clean complete uninstall and re-install. i.e., I'd remove all remnants of ZA, clean up the registry by using this method below; follow it exactly:

One of the most important things in those instructions is to clear the checkmark from &quot;Load ZA at startup&quot; and rebooting. That turns off ZA on your system, so the uninstaller can work.

Before you reinstall, I would disable your Trend antivirus and your Spy Sweeper and any other antimalware program running so they won't interfere. (remember to do all this with your network cable unplugged and no Internet access)

Upon either database reset or complete re-installation it will start you off with a fresh program list. Generic Host will hopefully be preconfigured by ZA correctly with the green checkmark in 3 columns, but NOT in Internet Server, which is a no-no. Other programs will ask your permission the first time they run, unless ZA has them preconfigured (this will depend in part on whether you have elected to use SmartDefense Advisor on Auto or Manual.)

Once you see that ZA has completely installed and is running (icon in the systray) you can restart your Trend and Spy Sweeper. Then reboot again. Spy Sweeper will likely warn you that &quot;Zonealarm is trying to add zlclient.exe to the Startup folder&quot;. Click Allow to tell Spy Sweeper to allow that, because you want ZA to start with every boot. Once you have your security programs running, you can connect your PC back to the internet. For the time-being see if you can operate by using ZA's initial choices and without changing anything manually in the program control list. Any fine-tuning can be done later after everything is operational.

When you are connected back to the internet cable and ZA runs for the first time, it should identify your network 192.168.x.x. as a &quot;new network&quot;, tell you that it is a private network, and ask if you want it in the trusted or internet zone. Choose Trusted and name it &quot;John's Network&quot; or &quot;Home PC&quot; or &quot;Network A&quot; or anything you choose. Otherwise ZA will just name it &quot;New Network&quot; which can get confusing later on if you do use a new network.

When you open IE for the first time, ZA may say &quot;IE is trying to connect to Localhost 127.0.0.1). Click allow and &quot;remember&quot;. Then IE may say &quot;IE is trying to connect to the internet&quot;, click &quot;allow&quot; and &quot;remember&quot;. (If at that point, you happen to look at the program control list, you should see green checkmarks are in 2 columns for IE--one under trusted access and one other internet access; the next 3 columns should be ? or X.

You will in either case have to put your router, DNS, DHCP IP numbers in the Trusted Zone of your Firewall (unless their numbers are covered by the IP and subnet range in your network numbers, which they may very well be; you'll have to use the ipconfig command or network status icon to check your IP numbers). If you did just the database reset, you will also have to add the Loopback Adapter (127.0.0.1) back into the Trusted Zone; you might want to put it there before you launch IE the first time. If you did a complete re-install, it will automatically place the Loopback Adapter into the Trusted Zone.

So, see if you can get that far, then let us know your progress before you try to configure anything else.